Gathering detailed insights and metrics for serverless-plugin-custom-roles
Gathering detailed insights and metrics for serverless-plugin-custom-roles
Installations
npm install serverless-plugin-custom-rolesReleases
Unable to fetch releases
Developer
AntonBazhal
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
>=10
Typescript Support
No
Node Version
12.22.7
NPM Version
2.15.12
Statistics
13 Stars
49 Commits
11 Forks
3 Watching
2 Branches
5 Contributors
Updated on 12 Jan 2023
Languages
JavaScript (100%)
Total Downloads
Cumulative downloads
Total Downloads
1,429,587
Last day
42.8%
687
Compared to previous day
Last week
21.3%
3,573
Compared to previous week
Last month
2.9%
12,576
Compared to previous month
Last year
-16.8%
222,184
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
2
Versions
serverless-plugin-custom-roles
A Serverless plugin that makes creation of per function IAM roles easier. It mimics serverless behavior, but creates separate roles for each function instead of a shared one. If you want to create per function roles without using this plugin, you are responsible for providing the corresponding permissions for your function logs and stream events and need to repeat the same permissions from function to function.
Usage
1service: my-service 2 3plugins: 4 - serverless-plugin-custom-roles 5 6provider: 7 name: aws 8 iam: 9 role: 10 statements: # [Optional] these statements will be applied to all functions 11 - Effect: "Allow" 12 Action: 13 - "xray:PutTraceSegments" 14 - "xray:PutTelemetryRecords" 15 Resource: "*" 16 permissionsBoundary: "arn:aws:iam::123456789012:policy/boundaries" # [Optional] the ARN of the policy used to set the permissions boundary for the role 17 18functions: 19 function1: 20 handler: 'src/function1.js' 21 iamRoleStatements: # [Optional] these statements will be applied to this function only (in addition to statements that are applied to all functions) 22 - Effect: "Allow" 23 Action: 24 - "cloudwatch:GetMetricStatistics" 25 - "cloudwatch:DescribeAlarms" 26 - "cloudwatch:PutMetricData" 27 Resource: "*" 28 29 function2: 30 handler: 'src/function2.js' 31 events: 32 - stream: # Appropriate permissions will be applied automatically 33 type: dynamodb 34 arn: "<stream-arn>"
License
The MIT License (MIT)
Copyright (c) 2018-2022 Anton Bazhal
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE.md:0
- Info: FSF or OSI recognized license: MIT License: LICENSE.md:0
Reason
Found 3/9 approved changesets -- score normalized to 3
Reason
7 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-4q6p-r6v2-jvc5
- Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 29 are checked with a SAST tool
Score
2.9
/10
Last Scanned on 2024-11-25
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More